Dual authentication method in mobile networks
Abstract
Disclosed is a method for safely and rapidly performing a dual authentication when a mobile node is in a ping-pong state in a mobile network based on mobile IPv6. When a mobile node is in a ping-pong state where the mobile node is moving in an overlapping coverage area of a previous access router and a new access router, the method allows the previous access router to perform an authentication operation by reusing authentication information having been used in the previous access router, without requesting information required for authentication to an Authentication, Authorization, and Accounting (AAA) server. Thus, the authentication of the mobile node in an AAA environment can be safely and rapidly performed, an authentication failure in the ping-pong state can be prevented.
Claims
exact text as granted — not AI-modified1 . A dual authentication method for a mobile node which is in a ping-pong state where the mobile node is moving in an overlapping coverage area of a previous access router and a new access router, the method comprising the steps of:
allowing the previous access router to perform an authentication operation by reusing authentication information having been used in the previous access router, without requesting information required for authentication to an Authentication, Authorization, and Accounting (AAA) server, thereby rapidly performing the authentication of the mobile node.
2 . The method as claimed in claim 1 , wherein the dual authentication method is performed by using an ID-based encryption (IBE) scheme.
3 . The method as claimed in claim 1 , wherein the dual authentication method is performed in a Mobile IPv6 environment.
4 . The method as claimed in claim 1 , wherein when the mobile node is in a ping-pong state where the mobile node is moving in the overlapping coverage area of the previous access router and new access router, the mobile node creates a registration message based on a router advertisement message received from the new access router.
5 . The method as claimed in claim 4 , wherein the mobile node transmits the registration message to both the previous access router and the new access router at the same time.
6 . The method as claimed in claim 5 , wherein when the new access router receives an authentication request message from the mobile node, the new access router forwards the authentication request message to the AAA server.
7 . The method as claimed in claim 6 , wherein the AAA server transmits new Care-of-Address (CoA) information of the mobile node to a home agent (HA) so as to notify the home agent that the mobile node has moved to a new network.
8 . The method as claimed in claim 7 , wherein the home agent transmits to the AAA server a confirmation message that the new CoA information of the mobile node has been recorded, and the AAA server creates a registration confirmation message to be transmitted to the new access router.
9 . The method as claimed in claim 8 , wherein the AAA server transmits the created registration confirmation message to the new access router, and the new access router authenticates the mobile node as soon as the new access router receives the registration confirmation message from the AAA server.
10 . The method as claimed in claim 9 , wherein the new access router transmits to the mobile node the registration confirmation message received from the AAA server, and the mobile node receives the registration confirmation message from the new access router and acquires a session key created by the home agent, thereby safely communicating with the new access router.
11 . A dual authentication method for a mobile node which is in a ping-pong state where the mobile node is moving in an overlapping coverage area of a pAR and a nAR, the method comprising the steps of:
creating, by the mobile node, a registration message based on a router advertisement message received from the new access router; simultaneously transmitting the registration messages from the mobile node to the new access router and the previous access router; performing authentication by the previous access router itself, without committing an authentication request message, which has been received from the mobile node, to an Authentication, Authorization, and Accounting (AAA) server; transmitting, by the previous access router having performed the authentication, a response message to the registration message to the mobile node; authenticating, by the mobile node, the response message received from the previous access router; receiving, by the new access router, an authentication request message from the mobile node; forwarding the authentication request message from the new access router to the AAA server in order to request authentication; authenticating, by the AAA server, the authentication request message of the mobile node, which has been transmitted from the new access router; transmitting new Care-of-Address (CoA) information of the mobile node from the AAA server to a home agent, in order to notify the home agent that the mobile node has moved to a new network; recording, by the home agent, the new CoA information of the mobile node in a Binding Update List (BUL) of the home agent, thereby confirming that a handover has been performed; transmitting, from the home agent to the AAA server, a confirmation message that the new CoA information of the mobile node has been recorded; creating, by the AAA server, a registration confirmation message to be transmitted to the new access router; transmitting the created registration confirmation message from the AAA server to the new access router; receiving, by the new access router, the registration confirmation message transmitted from the AAA server, and authenticating the mobile node; and transmitting the registration confirmation message, which the new access router has received from the AAA server, from the new access router to the mobile node.
12 . The method as claimed in claim 11 , wherein, after authenticating the response message received from the previous access router, the mobile node communicates with the previous access router by using a session key received from the previous access router.
13 . The method as claimed in claim 11 , wherein the mobile node acquires a session key created by the home agent, thereby safely communicating with the new access router.Join the waitlist — get patent alerts
Track US2008057906A1 — get alerts on status changes and closely related new filings.
We store only your email — no account needed. See our privacy policy.